Theophilus Osemeke
Ottawa,ON
Summary
IT professional with robust background in risk analysis and mitigation, specializing in identifying and managing cybersecurity threats. Adept at developing and implementing risk management frameworks, ensuring compliance with industry standards. Strong focus on team collaboration and achieving results. Known for reliability and adaptability in dynamic environments. Skilled in risk assessment, threat analysis, and regulatory compliance.
Overview
11
11
years of professional experience
1
1
Certification
Work History
IT Risk and Compliance Lead
GIANT TIGER
04.2021 - 09.2024
- Provided ongoing support and maintenance for the Archer GRC platform, ensuring optimal performance and alignment with business requirements
- Created and maintained technical documentation for Archer configurations and customizations
- Gathered functional requirements for new Archer modules and workflows, working closely with cross teams and stakeholders to meet business needs
- Overseeing IT compliance programs such as SOX, PCI-DSS, including control identification, testing, execution, and reporting
- Writing and maintaining information security policy documents and execute the sign-off, ongoing maintenance, and annual review process
- Conducting periodic risk assessments and collaborating with stakeholders to develop and implement risk mitigation strategies
- Assessing IT procedures, controls, and documentation to ensure adherence to company policies and regulatory requirements
- Engaging with internal teams and external auditors to support compliance and audit activities
- Ensuring new software meets compliance requirements before deployment and integration
- Preparing detailed audit reports and compliance documentation, presenting findings and recommendations to management
Senior Analyst IT Audit and Compliance
CIBC
01.2018 - 03.2021
- Performed IT risk assessments by identifying, evaluating, and assessing IT development, maintenance activities, emerging technologies, and regulations relating to IT security, corporate governance, and information privacy
- Developed IT audit work programs based upon identified risks, including ITGC reviews, ITAC reviews, and information security assessments
- Partnered with various stakeholders on the maintenance and execution of Sarbanes-Oxley (SOX) compliance processes, specifically information technology controls
- Conducted IT audits to assess adherence to PCI-DSS, GDPR, NIST 800-53, and ISO 27001 standards
- Supported regional data privacy regulations through the deployment and monitoring of automated tools deployed to minimize data loss
- Conducted risk assessments and identifying potential areas of compliance vulnerability and risk
- Conducted audit procedures, including collecting, reviewing, and analyzing relevant information, documenting business processes and procedures, developing criteria, evaluating evidence, completing audit documentation, and identifying and defining issues and recommendations
- Collaborated with management to establish timely, appropriate action plans and conduct audit follow-ups of management's actions
- Managed multiple concurrent audit engagements, prioritizing tasks to meet deadlines without compromising quality
- Identified control gaps in processes, procedures and systems through in-depth research and assessment and suggested methods for improvement
IT Auditor
JP Morgan Chase
08.2015 - 12.2017
- Evaluated IT controls, including security, access, and data integrity
- Identified opportunities for process improvements within the IT department by analyzing current operational structures and recommending strategic changes when necessary
- Managed audit projects from inception to conclusion, delivering high-quality outcomes aligned with organizational objectives and stakeholder expectations
- Coordinated with external auditors during annual reviews, ensuring seamless communication and timely resolution of any concerns raised
- Evaluated internal controls and processes, streamlining workflows for increased efficiency and risk mitigation
- Enhanced IT security by conducting comprehensive audits and identifying potential risks within the organization
- Participated in IT governance initiatives, contributing to the development of robust policies and standards for consistent information security management across the organization
- Executed risk-based audits and advisory engagements in a broad variety of IT processes and projects
- Prepared formal audit/review reports and communicate audit findings and recommendations clearly and concisely
- Conducted regular follow up with action owners to ensure managements timely completion of the remediation action
Data Analyst
MTN Communications
01.2014 - 07.2015
- I analyzed data to identify trends, patterns, and correlations to support business decisions
- Extracted data from various sources, transformed into a usable format, and load it into database
- Created monthly reports, dashboard and visualizations to communicate insights to stakeholders
- Ensured data accuracy, completeness, and consistency
- Analyzed business performance metrics and identified areas of improvement
- Ensured data security and compliance with organizational policies
- Worked with cross-functional teams, including business, product development, and IT
- I maintained documentation of data analysis, reports, and processes
Education
Bachelor of Science - Mathematics And Statistics
Delta State University
Delta State, Nigeria.Skills
- Application security
- Security policy development
- Information assurance
- Cloud security
- Business continuity planning
- DDoS prevention
- Patch management
- Security analysis
- Cybersecurity frameworks
- Problem-solving abilities
- Time management abilities
- Wireshark software
- Firewall Management
- Adaptability
- Business Continuity
- Regulatory Compliance
- Disaster Recovery Planning
- Vulnerability Analysis
- Reporting and documentation
Languages
English
Full Professional
Certification
- CISA - Certified Information Systems Auditor
- CompTIA Cloud+
- CRISC - Certified in Risk and Information Systems Control
- Udemy - ISO 27001 Information Security Lead Auditor
CISA - Certified Information System Auditor
The CISA certification focuses on;
- Risk Management
- IT Audit and assurance
- Governance and management
- Information System Operations, maintenance, and support
- Information System Acquisition, development, and Implementation
Timeline
IT Risk and Compliance Lead
GIANT TIGER
04.2021 - 09.2024
Senior Analyst IT Audit and Compliance
CIBC
01.2018 - 03.2021
IT Auditor
JP Morgan Chase
08.2015 - 12.2017
Data Analyst
MTN Communications
01.2014 - 07.2015
Bachelor of Science - Mathematics And Statistics
Delta State University
Similar Profiles
Reece RossettiReece Rossetti
Grocery Associate at Giant TigerGrocery Associate at Giant Tiger
Hailey Lurk IacovittiHailey Lurk Iacovitti
Customer Service Cashier at Giant TigerCustomer Service Cashier at Giant Tiger
NATALIE WILSONNATALIE WILSON
Fashion Associate at Giant TigerFashion Associate at Giant Tiger
Justin LeederJustin Leeder
Grocery Associate at Giant TigerGrocery Associate at Giant Tiger
Bichara Mahamat AliBichara Mahamat Ali
Supervisor at McDonald'sSupervisor at McDonald's